const Router = require('@koa/router');
const userController = require('../controllers/user.controller');
const { checkAuth, checkPermission } = require('../middlewares/auth');

const router = new Router({
  prefix: '/api/v1/users'
});

/**
 * @swagger
 * /users/forgot-password:
 *   post:
 *     tags: [用户管理]
 *     summary: 忘记密码
 *     description: 发送密码重置邮件
 *     requestBody:
 *       required: true
 *       content:
 *         application/json:
 *           schema:
 *             type: object
 *             required:
 *               - email
 *             properties:
 *               email:
 *                 type: string
 *                 format: email
 *                 description: 用户注册的电子邮箱
 *                 example: user@example.com
 *     responses:
 *       200:
 *         description: 重置邮件发送成功
 *         content:
 *           application/json:
 *             schema:
 *               type: object
 *               properties:
 *                 message:
 *                   type: string
 *                   example: 密码重置邮件已发送，请检查您的邮箱
 *       400:
 *         description: 邮箱不存在
 */
router.post('/forgot-password', userController.forgotPassword);

/**
 * @swagger
 * /users/reset-password:
 *   post:
 *     tags: [用户管理]
 *     summary: 重置密码
 *     description: 使用重置令牌设置新密码
 *     requestBody:
 *       required: true
 *       content:
 *         application/json:
 *           schema:
 *             type: object
 *             required:
 *               - token
 *               - password
 *             properties:
 *               token:
 *                 type: string
 *                 description: 密码重置令牌
 *                 example: eyJhbGciOiJIUzI1NiIs...
 *               password:
 *                 type: string
 *                 format: password
 *                 description: 新密码（至少8位，包含字母和数字）
 *                 example: NewPassword123
 *     responses:
 *       200:
 *         description: 密码重置成功
 *         content:
 *           application/json:
 *             schema:
 *               type: object
 *               properties:
 *                 message:
 *                   type: string
 *                   example: 密码重置成功
 *       400:
 *         description: 重置令牌无效或已过期
 */
router.post('/reset-password', userController.resetPassword);

/**
 * @swagger
 * /users/password:
 *   put:
 *     tags: [用户管理]
 *     summary: 修改密码
 *     description: 已登录用户修改自己的密码
 *     security:
 *       - bearerAuth: []
 *     requestBody:
 *       required: true
 *       content:
 *         application/json:
 *           schema:
 *             type: object
 *             required:
 *               - currentPassword
 *               - newPassword
 *             properties:
 *               currentPassword:
 *                 type: string
 *                 format: password
 *                 description: 当前密码
 *                 example: OldPassword123
 *               newPassword:
 *                 type: string
 *                 format: password
 *                 description: 新密码（至少8位，包含字母和数字）
 *                 example: NewPassword123
 *     responses:
 *       200:
 *         description: 密码修改成功
 *         content:
 *           application/json:
 *             schema:
 *               type: object
 *               properties:
 *                 message:
 *                   type: string
 *                   example: 密码修改成功
 *       400:
 *         description: 当前密码错误
 *       401:
 *         description: 未认证
 */
router.put('/password', checkAuth, userController.changePassword);

/**
 * @swagger
 * /users:
 *   get:
 *     tags: [用户管理]
 *     summary: 获取用户列表
 *     description: 管理员获取所有用户列表（支持分页和筛选）
 *     security:
 *       - bearerAuth: []
 *     parameters:
 *       - in: query
 *         name: page
 *         schema:
 *           type: integer
 *           minimum: 1
 *           default: 1
 *         description: 页码
 *       - in: query
 *         name: limit
 *         schema:
 *           type: integer
 *           minimum: 1
 *           maximum: 100
 *           default: 10
 *         description: 每页数量
 *       - in: query
 *         name: search
 *         schema:
 *           type: string
 *         description: 搜索关键词（用户名/邮箱）
 *       - in: query
 *         name: status
 *         schema:
 *           type: string
 *           enum: [active, disabled]
 *         description: 用户状态筛选
 *     responses:
 *       200:
 *         description: 获取成功
 *         content:
 *           application/json:
 *             schema:
 *               type: object
 *               properties:
 *                 total:
 *                   type: integer
 *                   example: 100
 *                 pages:
 *                   type: integer
 *                   example: 10
 *                 current:
 *                   type: integer
 *                   example: 1
 *                 users:
 *                   type: array
 *                   items:
 *                     type: object
 *                     properties:
 *                       id:
 *                         type: string
 *                         example: "12345"
 *                       username:
 *                         type: string
 *                         example: johndoe
 *                       email:
 *                         type: string
 *                         example: john@example.com
 *                       status:
 *                         type: string
 *                         example: active
 *                       createdAt:
 *                         type: string
 *                         format: date-time
 *       401:
 *         description: 未认证
 *       403:
 *         description: 无权限访问
 */
router.get('/', checkAuth, checkPermission(['admin']), userController.getUsers);

/**
 * @swagger
 * /users/{id}:
 *   get:
 *     tags: [用户管理]
 *     summary: 获取用户详情
 *     description: 管理员获取指定用户的详细信息
 *     security:
 *       - bearerAuth: []
 *     parameters:
 *       - in: path
 *         name: id
 *         required: true
 *         schema:
 *           type: string
 *         description: 用户ID
 *     responses:
 *       200:
 *         description: 获取成功
 *         content:
 *           application/json:
 *             schema:
 *               type: object
 *               properties:
 *                 id:
 *                   type: string
 *                   example: "12345"
 *                 username:
 *                   type: string
 *                   example: johndoe
 *                 email:
 *                   type: string
 *                   example: john@example.com
 *                 phoneNumber:
 *                   type: string
 *                   example: "13800138000"
 *                 status:
 *                   type: string
 *                   example: active
 *                 roles:
 *                   type: array
 *                   items:
 *                     type: string
 *                   example: ["user"]
 *                 createdAt:
 *                   type: string
 *                   format: date-time
 *                 lastLoginAt:
 *                   type: string
 *                   format: date-time
 *       401:
 *         description: 未认证
 *       403:
 *         description: 无权限访问
 *       404:
 *         description: 用户不存在
 *   put:
 *     tags: [用户管理]
 *     summary: 更新用户信息
 *     description: 管理员更新指定用户的信息
 *     security:
 *       - bearerAuth: []
 *     parameters:
 *       - in: path
 *         name: id
 *         required: true
 *         schema:
 *           type: string
 *         description: 用户ID
 *     requestBody:
 *       required: true
 *       content:
 *         application/json:
 *           schema:
 *             type: object
 *             properties:
 *               email:
 *                 type: string
 *                 format: email
 *                 description: 电子邮箱
 *               phoneNumber:
 *                 type: string
 *                 description: 手机号码
 *               roles:
 *                 type: array
 *                 items:
 *                   type: string
 *                 description: 用户角色列表
 *               status:
 *                 type: string
 *                 enum: [active, disabled]
 *                 description: 用户状态
 *     responses:
 *       200:
 *         description: 更新成功
 *         content:
 *           application/json:
 *             schema:
 *               type: object
 *               properties:
 *                 message:
 *                   type: string
 *                   example: 用户信息更新成功
 *       401:
 *         description: 未认证
 *       403:
 *         description: 无权限访问
 *       404:
 *         description: 用户不存在
 *   delete:
 *     tags: [用户管理]
 *     summary: 删除用户
 *     description: 管理员删除指定用户
 *     security:
 *       - bearerAuth: []
 *     parameters:
 *       - in: path
 *         name: id
 *         required: true
 *         schema:
 *           type: string
 *         description: 用户ID
 *     responses:
 *       200:
 *         description: 删除成功
 *         content:
 *           application/json:
 *             schema:
 *               type: object
 *               properties:
 *                 message:
 *                   type: string
 *                   example: 用户删除成功
 *       401:
 *         description: 未认证
 *       403:
 *         description: 无权限访问
 *       404:
 *         description: 用户不存在
 */
router.get('/:id', checkAuth, checkPermission(['admin']), userController.getUserById);
router.put('/:id', checkAuth, checkPermission(['admin']), userController.updateUser);
router.delete('/:id', checkAuth, checkPermission(['admin']), userController.deleteUser);

/**
 * @swagger
 * /users/{id}/disable:
 *   post:
 *     tags: [用户管理]
 *     summary: 禁用用户
 *     description: 管理员禁用指定用户的账户
 *     security:
 *       - bearerAuth: []
 *     parameters:
 *       - in: path
 *         name: id
 *         required: true
 *         schema:
 *           type: string
 *         description: 用户ID
 *     responses:
 *       200:
 *         description: 禁用成功
 *         content:
 *           application/json:
 *             schema:
 *               type: object
 *               properties:
 *                 message:
 *                   type: string
 *                   example: 用户已禁用
 *       401:
 *         description: 未认证
 *       403:
 *         description: 无权限访问
 *       404:
 *         description: 用户不存在
 */
router.post('/:id/disable', checkAuth, checkPermission(['admin']), userController.disableUser);

/**
 * @swagger
 * /users/{id}/enable:
 *   post:
 *     tags: [用户管理]
 *     summary: 启用用户
 *     description: 管理员启用指定用户的账户
 *     security:
 *       - bearerAuth: []
 *     parameters:
 *       - in: path
 *         name: id
 *         required: true
 *         schema:
 *           type: string
 *         description: 用户ID
 *     responses:
 *       200:
 *         description: 启用成功
 *         content:
 *           application/json:
 *             schema:
 *               type: object
 *               properties:
 *                 message:
 *                   type: string
 *                   example: 用户已启用
 *       401:
 *         description: 未认证
 *       403:
 *         description: 无权限访问
 *       404:
 *         description: 用户不存在
 */
router.post('/:id/enable', checkAuth, checkPermission(['admin']), userController.enableUser);

module.exports = router;